Lately, my clan's server has been lagging profusely. The server owner and member said that he thought he was being DDoS'd by a different clan. His entire computer constantly dropped internet connection, etc.

I began to investigate the issue. I downloaded wireshark and captured network activity for about 60 seconds. I was not surprised to find that over 3 MB of data was captured, and the data was coming from two different IPs. I inspected the UDP packets and found the following data in every single packet: "getstatus".

So, I proceeded to blacklist those two IPs. Low and behold, after doing so the network traffic was fine again, but the Gametracker window on our site said that the game was offline.

Now, I just checked again about 20 minutes later (40 minutes after game went back online) and it is online again!

My question is this; and it will determine whether or not this is indeed a bug to be fixed:

Are the following two offending IPs used by your system to track servers? If they are not, then this indeed was malicious behavior and I need to report it.

184.154.186.51
213.247.35.38

Note: I realize GT caches server status results, so I may have just been seeing cache from before it queried the server again.

Hello,

GameTracker IPs are listed in http://www.gametracker.com/forums/forum.php?site=1&thread=42545

I believe these two threads would be of interest to you...

http://www.gametracker.com/forums/forum.php?site=1&thread=64722

http://www.gametracker.com/forums/forum.php?site=1&thread=71110

_____________

My own servers that were listed (in fact all my servers that were listed on GT) were attacked. I removed them from GT, changed the port, did not re-add them to GT and all was good.

When I added one back to GT to test it, about a week later it started lagging crazy again.

My server was a Quake3 game.